Talk:Sony Update Downloads

From Exploitee.rs
Revision as of 09:25, 11 February 2011 by Abliss (talk | contribs) (contributing more chars of the pad (up to 134) and my script for building it out.)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to navigationJump to search

I worked on expanding the pad a bit. Here's the script I use.

#!/usr/bin/perl
use strict;
package abliss;
my $start = shift;

open HEX, "<./history/other/RfHid_v0156_2010091601_NL.hex" or die;
open OUT, ">>pad.bin";
open IN, "<pad.bin";
my @files = (
    "./history/NBL/batch_sync-vfat.sh",
    "./history/board_conf.sh",
    "./history/other/check_spectra1_20100929.sh",
    "./history/other/factory_reset_conditional_keepremote_20101012.sh",
    "./history/other/format_sda_20100514.sh");
my @fds;
for (my $i = 0; $i <= $#files; $i++) {
    open (my $fd, $files[$i]) or die "can't open " . $files[$i];
    push(@fds, $fd);
}
my @contents;

my $hexbyte;
my @hexchars = qw(0 1 2 3 4 5 6 7 8 9 A B C D E F :);
push(@hexchars, "\r");
push(@hexchars, "\n");
my @output = ();
our $xorbyte;
while (read(HEX, $hexbyte, 1)) {
    for (my $i = 0; $i <= $#files; $i++) {
        my $char;
        if (read($fds[$i], $char, 1)) {
            $contents[$i] .= $char;
            if (length($contents[$i]) > 30) {
                $contents[$i] = substr($contents[$i], 1);
            }
        }
    }
    if ($start-- > 0) {
        my $char;
        read(IN, $char, 1);
        $xorbyte = ord($char);
    } else {
        for (my $j = 0; $j <= $#hexchars; $j++) {
            $xorbyte = ord($hexbyte) ^ ord($hexchars[$j]);
            my $choices = "";
            my $ok = 1;
            for (my $i = 0; $i <= $#files; $i++) {
                my $neword = (ord(substr($contents[$i],length($contents[$i]) - 1)) ^ $xorbyte);
                if ($neword > 127 || 
                    ($neword < 32 && 
                     $neword != 9 && # tab
                     $neword != 10 && # LF
                     $neword != 13 # CR
                    )) {
                    $ok = 0;
                    #printf "==== %2d ====\n%s\n", $j, xorlastbyte($contents[$i]);
                    last;
                }
            }
            if ($ok) {
                printf "==== %2d ====\n%s\n", $j, join("\n--\n", map {xorlastbyte($_)} @contents);
            }
        }
        my $answer = <STDIN>;
        chomp $answer;
        if ($answer eq "q") {
            close OUT;
            die;
        }
        $xorbyte = ord($hexbyte) ^ ord($hexchars[$answer]);
        print OUT chr($xorbyte);
    }
    @contents = map {xorlastbyte($_)} @contents;
}

sub xorlastbyte {
    my $content = shift;
    if ($content) {
        my @chars = split(//, $content);
        $chars[-1] = chr(ord($chars[-1])^ $xorbyte);
        return join('', @chars);
    }
}

Here's my pad, 134 chars:

00000000  38 cf 4f aa 7a 8a 2e 3e  2b 41 82 9a ad 31 e9 dc  |8.O.z..>+A...1..|
00000010  ef 47 2f 0b 26 76 12 fe  5f 5b 58 e1 10 18 7d e6  |.G/.&v.._[X...}.|
00000020  ad 92 1b 91 8e 90 69 f7  8a 9b 68 d8 98 58 fa 95  |......i...h..X..|
00000030  63 81 d6 5f 04 7d 29 8b  09 cf b9 21 b8 d9 df dd  |c.._.})....!....|
00000040  c4 7e 71 d9 3f 35 ea 7b  0d ec 7f d1 a3 76 64 88  |.~q.?5.{.....vd.|
00000050  a5 8e 27 49 60 c0 a0 bc  77 54 31 e3 d6 6a bf e5  |..'I`...wT1..j..|
00000060  1b 42 25 da a3 97 b8 e1  ba 54 13 5b 68 31 da ff  |.B%......T.[h1..|
00000070  1c 5c 15 46 4e 32 f1 76  50 e0 4e f3 ab 9a 28 bb  |.\.FN2.vP.N...(.|
00000080  b5 cf 2f 50 24 45                                 |../P$E|

I checked the checksums in the .hex file and they all validate so far.